update to 1.3.4 (CVE-2021-0561)

.gitignore

@@ -1 +1 @@
-/flac-1.3.3.tar.xz
+/flac-1.3.4.tar.xz

flac-cve-2020-0499.patch

@@ -1,23 +0,0 @@
-commit 2e7931c27eb15e387da440a37f12437e35b22dd4
-Author: Erik de Castro Lopo <erikd@mega-nerd.com>
-Date:   Mon Oct 7 12:55:58 2019 +1100
-
-    libFLAC/bitreader.c: Fix out-of-bounds read
-    
-    Credit: Oss-Fuzz
-    Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069
-    Testcase: fuzzer_decoder-5670265022840832
-
-diff --git a/src/libFLAC/bitreader.c b/src/libFLAC/bitreader.c
-index 5e4b5918..3df4d02c 100644
---- a/src/libFLAC/bitreader.c
-+++ b/src/libFLAC/bitreader.c
-@@ -869,7 +869,7 @@ incomplete_lsbs:
- 			cwords = br->consumed_words;
- 			words = br->words;
- 			ucbits = FLAC__BITS_PER_WORD - br->consumed_bits;
--			b = br->buffer[cwords] << br->consumed_bits;
-+			b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0;
- 		} while(cwords >= words && val < end);
- 	}
- 

flac.spec

@@ -1,6 +1,6 @@
 Summary: An encoder/decoder for the Free Lossless Audio Codec
 Name: flac
-Version: 1.3.3
+Version: 1.3.4
 Release: 10%{?dist}
 License: BSD and GPLv2+ and GFDL
 Source0: https://downloads.xiph.org/releases/flac/flac-%{version}.tar.xz
@@ -14,8 +14,6 @@ BuildRequires: nasm >= 2.0
 %endif
 BuildRequires: make
 
-Patch1: flac-cve-2020-0499.patch
-
 %description
 FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC
 is similar to Ogg Vorbis, but lossless. The FLAC project consists of
@@ -52,7 +50,6 @@ will use the Free Lossless Audio Codec.
 
 %prep
 %setup -q
-%patch1 -p1 -b .cve-2020-0499
 
 %build
 # use our libtool to avoid problems with RPATH

sources

@@ -1 +1 @@
-SHA512 (flac-1.3.3.tar.xz) = d6417e14fab0c41b2df369e5e39ce62a5f588e491af4d465b0162f74e171e5549b2f061867f344bfbf8aaccd246bf5f2acd697e532a2c7901c920c69429b1a28
+SHA512 (flac-1.3.4.tar.xz) = 4a626e8a1bd126e234c0e5061e3b46f3a27c2065fdfa228fd8cf00d3c7fa2c05fafb5cec36acce7bfce4914bfd7db0b2a27ee15decf2d8c4caad630f62d44ec9